k2tec

Well-Known Member
Aug 26, 2011
104
5
68
Netherlands
cPanel Access Level
Root Administrator
I tried to change the dir of secdatadir from /var/cpanel/secdatadir
to
/var/log/secdatadir
because of the error in ModSecurity

Code:
ModSecurity: collections_remove_stale: Failed to access DBM file "/var/cpanel/secdatadir/ip": Permission denied
ModSecurity: collections_remove_stale: Failed to access DBM file "/var/cpanel/secdatadir/global
I create the dir
mkdir /var/log/secdatadir
chown -R nobody:nobody /var/log/secdatadir
copied the files ip.pag,ip.dir, global.dir, global.pag to /var/log/secdatadir
chmod o-rx -R /var/log/secdatadir
chmod ug+rwx -R /var/log/secdatadir

Made the change in my /usr/local/apache/conf/modsec2.user.conf
SecDataDir "/var/log/secdatadir"

I use WHM 11.52.1 (build 3)
  • Apache 2.4
  • PHP 5.4
  • MPM Prefork
  • Mod Ruid2

I've read a lot on this forum, but have not found the answer
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,903
2,237
463
Hello :)

That's not a viable workaround to the problem you are reporting. This issue is caused by a combination of Apache Mod Ruid2 with Mod Security rules that use file-backed collections. This happens because Mod Ruid2 causes Mod Security to access /var/cpanel/secdatadir as the account which owns that domain, instead of as the "nobody" user. There's a thread on this at:

Mod RUID 2 and ModSecurity

Thank you.
 
  • Like
Reactions: quizknows